module BotBlocker
  extend ActiveSupport::Concern

  included do
    before_action :block_bots
  end

  private

  def block_bots
    return unless bot_request?

    render plain: "Bot access is not allowed", status: :forbidden
  end

  def bot_request?
    user_agent = request.user_agent.to_s.downcase

    # List of known bot user agents
    bot_patterns = [
      'gptbot',           # OpenAI GPTBot
      'chatgpt',          # ChatGPT
      'claude-web',       # Anthropic Claude
      'bingbot',          # Microsoft Bing
      'googlebot',        # Google
      'baiduspider',      # Baidu
      'yandexbot',        # Yandex
      'duckduckbot',      # DuckDuckGo
      'slurp',            # Yahoo
      'facebookexternalhit', # Facebook
      'twitterbot',       # Twitter
      'linkedinbot',      # LinkedIn
      'whatsapp',         # WhatsApp
      'telegrambot',      # Telegram
      'slackbot',         # Slack
      'discordbot',       # Discord
      'applebot',         # Apple
      'ia_archiver',      # Alexa/Internet Archive
      'petalbot',         # Huawei
      'seznambot',        # Seznam
      'ahrefsbot',        # Ahrefs
      'semrushbot',       # SEMrush
      'mj12bot',          # Majestic
      'dotbot',           # OpenSiteExplorer
      'rogerbot',         # Moz
      'exabot',           # Exalead
      'facebot',          # Facebook
      'spider',           # Generic spiders
      'crawler',          # Generic crawlers
      'scraper',          # Generic scrapers
      'bot',              # Generic bots (last resort)
    ]

    bot_patterns.any? { |pattern| user_agent.include?(pattern) }
  end
end